Abstract of JP8204702
PURPOSE: To allow a center to conduct cipher communication with a terminal equipment, and to verify the
terminal equipment, without having a cipher information list, by writing the ID of the terminal equipment
and its cipher information to the terminal equipment in advance, and by enciphering again at communication
time to obtain the cipher information, so that the center and the terminal equipment use the cipher
information in common.
CONSTITUTION: A center 300 keeps ciphering information Kc. To initialize the terminal equipment 360, the
center 300 calculates terminal equipment cipher information Si = Encipher(Kc, IDi) based on the IDi of the
terminal equipment. The center 300 writes the IDi and the Si to the terminal equipment 360. At the start of
cipher communication, an ID information storage device 391 of the terminal equipment 360 first sends the IDi
to a network interface (IF) 380, and the IF 380 sends the IDi to the center 300 through a network 350. A
terminal cipher information holding equipment sends the information Si to a key storage device 393. The
center 300 receives the IDi and gives it to a converter 320. The converter 320, receiving the information Kc
from a storage device 321, calculates the information Si and stores it in a storage device 322. Thus, the
center 300 and the terminal equipment 360 use the information Si in common, allowing the center 300 and the
terminal equipment 360 to conduct cipher communication.
JP,08-204702,A [CLAIMS]

* NOTICES *

JPO and NCIPI are not responsible for any damages caused by the use of this translation.

1. This document has been translated by computer. So the translation may not reflect the original precisely.
2. **** shows the word which can not be translated.
3. In the drawings, any words are not translated.



CLAIMS 



[Claim(s)] 

[Claim 1] Cryptographic key management equipment for use when a center and two or more terminals perform
cryptocommunication, characterized in that said center is provided with: a storage means which holds center
confidential information; a network interface which receives the ID of the terminal of the communications
partner for encryption and decoding; an inverter which converts the ID of this terminal using said center
confidential information and generates the key for communication; and a key supporting structure which holds
this key for communication; and in that the terminal of said communications partner is provided with:
equipment which holds its own ID; storage which holds the terminal confidential information, which is the
result of converting this own ID using said center confidential information; a network interface which
transmits said own ID to said center; and equipment which holds this terminal confidential information as
the key for communication.

[Claim 2] Cryptographic key management equipment for use when a center and two or more terminals perform
cryptocommunication, characterized in that said center is provided with: a storage means which holds at least
one piece of center confidential information; a network interface which receives the ID of the terminal of
the communications partner for encryption and decoding, and transmits to the terminal the identification
number of the center confidential information used for the communication; equipment which determines the
identification number; an inverter which converts the ID of said terminal using the center confidential
information corresponding to said identification number and generates the key for communication; and a key
supporting structure which holds this key for communication; and in that the terminal of said communications
partner is provided with: equipment which holds its own ID; storage which holds the list of terminal
confidential information, which is the result of converting this own ID using said center confidential
information; a network interface which transmits said own ID to said center and receives said identification
number; and equipment which holds the terminal confidential information corresponding to said identification
number as the key for communication.

[Claim 3] The cryptographic key management equipment of claim 1 or claim 2, characterized by using a secret
key cryptosystem as the conversion which generates a key from said terminal ID.

[Claim 4] The cryptographic key management equipment of claim 1 or claim 2, characterized by using a hash
function as the conversion which generates a key from said terminal ID.



[Translation done.] 
DETAILED DESCRIPTION



[Detailed Description of the Invention] 
[0001] 

[Industrial Application] This invention relates to cryptographic key management equipment for
cryptocommunication and terminal authentication between a center which offers a service and a terminal held
by the side which receives the service. A terminal here includes a mobile terminal, an IC card, etc.
Moreover, a prepaid card can also be used as a terminal.
[0002] 

[Description of the Prior Art] When a center and a terminal perform encrypted communication, they need to
share a cryptographic key before communicating. Moreover, when a center performs terminal authentication, it
checks that the terminal side has the confidential information specific to that terminal. In this case, the
center must have information for checking the confidential information. This information may be the
confidential information itself. If a public-key encryption system is used, there is also an approach in
which the center holds the public key specific to each terminal, but the explanation here focuses on the
approach in which the center obtains the confidential information itself. Methods of sharing a secret key
using a secret key cryptosystem and a public-key encryption system are explained below; they are described
in detail in "the code and the information security" (Tsujii and Kasahara, Shokodo, 1990). Below, only the
parts directly related to this invention are explained.

[0003] The simplest approach to sharing confidential information (so that a center and a terminal have the
same confidential information) is to set up a pair of "terminal ID" and "key for that terminal" beforehand
for every terminal; each terminal holds its own "ID and key", and the center holds the "ID and key" of all
terminals. That is, the center has a list of "ID and key" for all terminals. Below, this approach is called
the "key list mode."

[0004] In the key list mode, if the terminal ID is transmitted from the terminal side at the time of
cryptocommunication, the center can take the cryptographic key for that terminal out of the list. Since the
terminal holds its own cryptographic key, both sides can share the same key. Although the approach with a
list of secret keys was described here, a method is also known in which the center has a public key list and,
at the start of communication, a "temporary key used only within that communication" is enciphered with the
public key and sent. In either case, the center needs to have a list of keys.

[0005] A method which applies a public-key encryption system is "key sharing by ID". This approach is
described in detail in the above "the code and the information security" and in the patent specification "a
cipher system" (JP,63-314586,A). For example, consider the case where Terminal A and Terminal B communicate.
Terminal A holds its own confidential information SA and the common public information α, n, and e. IDA,
which is the ID (identification number) of Terminal A, is determined so that

SA^e · IDA ≡ 1 (mod n)

holds. Similarly, Terminal B holds its own confidential information SB and the common public information α,
n, and e, and IDB, which is the ID of Terminal B, satisfies

SB^e · IDB ≡ 1 (mod n).

When A and B communicate, A generates a random number rA and calculates xA, where

xA = SA · α^rA (mod n).

A sends IDA and xA to B. Similarly, B generates a random number rB, calculates xB, where

xB = SB · α^rB (mod n),

and sends IDB and xB to A. A calculates the key KA as

KA = (xB^e · IDB)^rA (mod n)

and B calculates the key KB as

KB = (xA^e · IDA)^rB (mod n).

If the whole procedure is performed correctly, KA = KB = α^(e·rA·rB) holds and a key is shared.

http://www4.ipdl.ncipi.go.jp/cgi-bin/tran_web_cgi_ejje 11/17/2005
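The ID-based exchange of paragraph [0005], worked through in Python as an added example (not from the patent or the references it cites). The parameters are constructed toy values, and the way the issuer computes S (RSA-style, with n = p·q and a private exponent d) is an assumption; the page states only the relation S^e · ID ≡ 1 (mod n).

```python
import secrets
from math import gcd

# Constructed toy parameters; a real modulus would be thousands of bits long.
P, Q = 1009, 1013                    # issuer's secret primes (assumption: n = p * q)
N = P * Q                            # public modulus n
E = 17                               # public exponent e
D = pow(E, -1, (P - 1) * (Q - 1))    # issuer's private exponent (assumption)
ALPHA = 5                            # public base alpha


def issue_secret(identity: int) -> int:
    """Return S with S^e * ID = 1 (mod n), computed as (ID^-1)^d mod n."""
    if gcd(identity, N) != 1:
        raise ValueError("ID must be invertible modulo n")
    return pow(pow(identity, -1, N), D, N)


def first_message(secret: int, r: int) -> int:
    """x = S * alpha^r (mod n): first modular exponentiation."""
    return secret * pow(ALPHA, r, N) % N


def shared_key(peer_x: int, peer_id: int, r: int) -> int:
    """K = (x_peer^e * ID_peer)^r (mod n): second and third exponentiations."""
    return pow(pow(peer_x, E, N) * peer_id % N, r, N)


def run_exchange(id_a: int, id_b: int) -> dict:
    """Run both sides of the exchange and return the two keys and alpha^(e*rA*rB)."""
    s_a, s_b = issue_secret(id_a), issue_secret(id_b)
    r_a = secrets.randbelow(N - 2) + 1
    r_b = secrets.randbelow(N - 2) + 1
    x_a, x_b = first_message(s_a, r_a), first_message(s_b, r_b)
    k_a = shared_key(x_b, id_b, r_a)    # computed by Terminal A
    k_b = shared_key(x_a, id_a, r_b)    # computed by Terminal B
    return {"k_a": k_a, "k_b": k_b, "expected": pow(ALPHA, E * r_a * r_b, N)}


if __name__ == "__main__":
    result = run_exchange(1234, 5678)   # constructed IDs
    print(result, result["k_a"] == result["k_b"])
```

Each terminal performs three modular exponentiations per session, which is the cost paragraph [0007] objects to.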

[0006] 

[Problem(s) to be Solved by the Invention] The key list mode has the fault that the list becomes large as
the number of available terminals increases. When the number of terminals reaches the tens of thousands, a
large amount of computation is needed to search the list. Moreover, the list must be managed as terminals
are added, and the time and effort of this management is also large.
[0007] Since key sharing by ID does not need a key list, it overcomes the fault of the key list mode.
However, key sharing by ID uses an exponentiation remainder operation (an operation of the form
y = x^e (mod n)), so its computational complexity is large.

[0008] The technical problem which this invention aims to solve is to realize key management which needs no
key list and has small computational complexity.

[0009] 

[Means for Solving the Problem] In order to solve these technical problems, the first invention of this
application is cryptographic key management equipment for use when a center and two or more terminals
perform cryptocommunication, characterized in that said center is provided with: a storage means which holds
center confidential information; a network interface which receives the ID of the terminal of the
communications partner for encryption and decoding; an inverter which converts the ID of this terminal using
said center confidential information and generates the key for communication; and a key supporting structure
which holds this key for communication; and in that the terminal of said communications partner is provided
with: equipment which holds its own ID; storage which holds the terminal confidential information, which is
the result of converting this own ID using said center confidential information; a network interface which
transmits said own ID to said center; and equipment which holds this terminal confidential information as
the key for communication.

[0010] In order to solve the above-mentioned technical problem, the second invention of this application is
cryptographic key management equipment for use when a center and two or more terminals perform
cryptocommunication, characterized in that said center is provided with: a storage means which holds at least
one piece of center confidential information; a network interface which receives the ID of the terminal of
the communications partner for encryption and decoding, and transmits to the terminal the identification
number of the center confidential information used for the communication; equipment which determines the
identification number; an inverter which converts the ID of said terminal using the center confidential
information corresponding to said identification number and generates the key for communication; and a key
supporting structure which holds this key for communication; and in that the terminal of said communications
partner is provided with: equipment which holds its own ID; storage which holds the list of terminal
confidential information, which is the result of converting this own ID using said center confidential
information; a network interface which transmits said own ID to said center and receives said identification
number; and equipment which holds the terminal confidential information corresponding to said identification
number as the key for communication.

[0011] In order to solve the above-mentioned technical problem, the third invention of this application is
characterized by using a secret key cryptosystem as the conversion which generates a key from said terminal
ID in the first or second invention of this application.

[0012] In order to solve the above-mentioned technical problem, the fourth invention of this application is
characterized by using a hash function as the conversion which generates a key from said terminal ID in the
first or second invention of this application.
[0013] 

[Function] A secret key cryptosystem is used in this invention. The secret key cryptosystem techniques
described below are described in detail in the aforementioned "the code and the information security". Here,
a secret key cryptosystem is briefly explained using the notation of this specification.

[0014] A secret key cryptosystem is a method which uses the same key for encryption and decoding. Between the
encryption function Encipher and the decryption function Decipher, the relation
[0015]

[Equation 1]

∀M, K: Decipher(K, Encipher(K, M)) = M

[0016] holds. Here, M is the document to be enciphered, and K is called the key. Encipher(K, M) expresses
the encryption of document M with the key K, and Decipher(K, C) expresses the decoding of cipher C with the
key K. The encryption function Encipher is designed so that, without knowing K, it is difficult to restore M
from the cipher C = Encipher(K, M), and, without knowing K, it is difficult to create C from document M.

[0017] In this invention, a hash function with a key is also used. The hash function with a key is

C = hash(K, M),

and it is difficult to create C from M without knowing K. A hash function with a key differs from a secret
key cryptosystem in that no decoding function exists.
[0018] Hereafter, the principle of this invention is explained. 

[0019] In this invention, the center has confidential information Kc known only to the center, and holds it
so that it does not become known to others. When Terminal i is initialized, the terminal stores IDi, which
is the ID of the terminal, and confidential information Si, which only that terminal has. Here, Si is
determined so that

Si = Encipher(Kc, IDi).

The center calculates Si and writes it into the terminal.

[0020] When the center and Terminal i communicate, the center again calculates

Si = Encipher(Kc, IDi)

and obtains Si. Since the terminal holds Si, Si can be shared by the center and the terminal. With this
approach, no one except the center and Terminal i can calculate Si, so sharing of confidential information
is realized.

[0021] 

[Example] Next, this invention is explained in detail with reference to the drawings.

[0022] Drawing 1 (a) shows the flow of initialization processing between the center and a terminal in the
first, third and fourth inventions of this application; drawing 1 (b) shows the flow of processing at the
start of communication between the center and a terminal in the first, third and fourth inventions of this
application; and drawing 7 shows the configuration of one example of the first, third and fourth inventions
of this application. An example of the first, third and fourth inventions of this application is explained
below according to these drawings.

[0023] The center holds confidential information Kc which only the center has. In initialization of a
terminal, the center calculates, from IDi which is the ID of the terminal,

Si = Encipher(Kc, IDi)

(drawing 1 step S11). The center writes IDi and Si into the terminal (drawing 1 step S12). Here, the center
does not need to be a single piece of equipment. Operation in which two or more centers hold the same
confidential information Kc is also possible.

[0024] For example, when this invention is applied to the ATM cards of a bank, the head office and each
branch of the bank have Kc, so that any branch can create an ATM card with a correct pair of IDi and Si.

[0025] Operation which uses a hash function with a key instead of an encryption function at the time of
initialization of a terminal is also possible.

[0026] At the start of cryptocommunication, in the terminal 360, the ID information supporting structure 391
first sends IDi, which is the terminal ID, to the network interface 380, and the network interface 380 sends
IDi to the center 300 through the network 350 (drawing 1 step S21). Moreover, the terminal confidential
information supporting structure 392 sends the terminal confidential information Si to the key supporting
structure 393 for communication. Communication within the terminal 360 is performed through the bus 370.

[0027] In the center 300, the network interface 330 receives IDi from the terminal 360 via the network 350
and sends it to the inverter 320. The inverter 320 receives the center confidential information Kc from the
center confidential information supporting structure 321, calculates the terminal confidential information
Si according to

Si = Encipher(Kc, IDi),

and stores it in the key supporting structure 322 for communication (drawing 1 step S22). Communication
within the center 300 is performed through the bus 310. Since the terminal holds its own confidential
information Si, the center and the terminal can share the confidential information Si by the above
procedure. Thereafter, the center and the terminal can perform secret communication (drawing 1 step S23).
The center can also use Si to perform terminal authentication.

[0028] In an operation which uses a hash function at the time of terminal initialization, the same hash
function is also used at the start of cryptocommunication.

[0029] There may be more than one center performing cryptocommunication, as long as each holds Kc. Moreover,
it may be the same as the center which performs initialization processing of terminals, or separate from it.

[0030] Returning to the example of the ATM card of a bank, each cash dispenser holds Kc and, when an ATM card
is inserted, calculates Si, authenticates the card and checks the legitimacy of the card. In this case, the
equipment which issues cards and the cash dispenser can be implemented as different equipment. That is, the
card issue equipment which a branch has is exclusively for card issue, and the cash dispenser is exclusively
for providing service.
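An added sketch (not from the patent) of the procedure in [0019] to [0030] using the keyed-hash option, with HMAC-SHA256 standing in for hash(K, M); it also covers the identification-number variant of claim 2 by letting the center hold several secrets. The class names, the challenge-response used for terminal authentication, and the sample secrets and IDs are assumptions constructed for illustration.

```python
import hashlib
import hmac
import secrets


def derive_terminal_key(center_secret: bytes, terminal_id: bytes) -> bytes:
    """Si = hash(Kc, IDi). HMAC-SHA256 stands in for the keyed hash (assumption)."""
    return hmac.new(center_secret, terminal_id, hashlib.sha256).digest()


def prove(key: bytes, challenge: bytes) -> bytes:
    """Proof that the caller holds Si, bound to a fresh challenge (assumed exchange)."""
    return hmac.new(key, b"auth|" + challenge, hashlib.sha256).digest()


class Terminal:
    """Holds only its own IDi and the terminal secrets written at initialization."""

    def __init__(self, terminal_id: bytes, keys: list):
        self.terminal_id = terminal_id
        self.keys = keys  # keys[j] = hash(Kcj, IDi); a single entry in the claim 1 case

    def respond(self, key_number: int, challenge: bytes) -> bytes:
        return prove(self.keys[key_number], challenge)


class Center:
    """Holds the center secrets Kcj and nothing per terminal (no key list)."""

    def __init__(self, center_secrets: list):
        self._secrets = list(center_secrets)

    def initialize_terminal(self, terminal_id: bytes) -> Terminal:
        # Initialization: compute the secrets from IDi and write them with the ID.
        keys = [derive_terminal_key(kc, terminal_id) for kc in self._secrets]
        return Terminal(terminal_id, keys)

    def communication_key(self, terminal_id: bytes, key_number: int = 0) -> bytes:
        # Communication start: recompute the key from the ID the terminal sent.
        return derive_terminal_key(self._secrets[key_number], terminal_id)

    def authenticate(self, terminal) -> bool:
        key_number = secrets.randbelow(len(self._secrets))  # center decides the number
        challenge = secrets.token_bytes(16)
        key = self.communication_key(terminal.terminal_id, key_number)
        answer = terminal.respond(key_number, challenge)
        return hmac.compare_digest(prove(key, challenge), answer)


# Constructed sample secrets, for illustration only.
SAMPLE_SECRETS = [hashlib.sha256(b"constructed Kc %d" % j).digest() for j in range(3)]


def demo() -> dict:
    issuer = Center(SAMPLE_SECRETS)       # e.g. card issue equipment at a branch
    dispenser = Center(SAMPLE_SECRETS)    # separate equipment holding the same Kc
    card = issuer.initialize_terminal(b"ID-0001")
    other = issuer.initialize_terminal(b"ID-0002")
    # A device that claims ID-0001 but was never initialized by a center.
    forged = Terminal(b"ID-0001", [secrets.token_bytes(32) for _ in SAMPLE_SECRETS])
    return {
        "same_key_without_list": dispenser.communication_key(b"ID-0001", 1) == card.keys[1],
        "genuine_card_accepted": dispenser.authenticate(card),
        "forged_card_rejected": not dispenser.authenticate(forged),
        "keys_differ_per_terminal": card.keys[0] != other.keys[0],
        "keys_differ_per_center_secret": len(set(card.keys)) == len(SAMPLE_SECRETS),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

Every Si is computable from Kc, so exposure of Kc at any one center or cash dispenser exposes the keys of all terminals.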

[0031] Drawing 3 is one example of IC card reader using this invention. 

[0032] Data output equipment 101 sends reception and a data demand command for a data demand command to 
IC card 100 from card detection equipment 103. Data output equipment 101 sends [judgment equipment 121 to 
terminal confidential information ] Terminal ID for reception, Terminal ID, and terminal confidential 
information to IC card 1 00 from a counter 1 1 0 again. 

[0033] A data entry unit 102 is started in response to the starting command from card detection equipment 103, 
and Terminal ID is sent to reception from IC card 100, and it sends Terminal ID to data encryption equipment 
120. 

[0034] Card detection equipment 103 detects insertion of IC card 100, sends a data output command to RAM 111,
receives mode information from RAM 111, and sends an output command to nonvolatile memory 112. When mode
information is "a communication link," card detection equipment 103 sends a data demand command to data output
equipment 101 and a starting command to data entry unit 102. When mode information is "writing," card detection
equipment 103 sends a starting command to counter 110.

[0035] The mode setting interface 104 receives a user's input, and sends mode information to RAM 111.

[0036] Counter 110 holds the ID to be written next. Counter 110 starts in response to an output command from
card detection equipment 103, sends the numeric value it holds to data encryption equipment 120 and data output
equipment 101 as Terminal ID, and then adds 1 to the numeric value it holds.

[0037] As a means to supply an ID number, besides a counter, the ID can be entered through an input interface,
or IDs can be generated one by one with a function defined beforehand.

[0038] RAM 111 holds mode information. Here, mode information is "a communication link" or "writing."
RAM 111 receives mode information from the mode setting interface and holds it. RAM 111 receives a data
output command from card detection equipment 103, and sends mode information to card detection
equipment 103. RAM 111 receives a data output command from judgment equipment 121, and sends
mode information to judgment equipment 121.

[0039] Nonvolatile memory 112 holds center confidential information. Nonvolatile memory 112 sends center 
confidential information to data encryption equipment 120 in response to an output command from card 
detection equipment 103. 

[0040] RAM 113 for communication link keys receives the communication link key from judgment equipment 121
and holds it. RAM 113 for communication link keys is made accessible from the equipment which performs the
communication link with an IC card and from the equipment which performs authentication of an IC card.

[0041] Data encryption equipment 120 receives Terminal ID from counter 110 and center confidential information
from nonvolatile memory 112, enciphers Terminal ID using the center confidential information as a key, generates
terminal confidential information, and sends terminal confidential information to judgment equipment 121.
Likewise, data encryption equipment 120 receives Terminal ID from data entry unit 102 and center confidential
information from nonvolatile memory 112, enciphers Terminal ID using the center confidential information as a
key, generates terminal confidential information, and sends terminal confidential information to judgment
equipment 121.

[0042] Judgment equipment 121 receives terminal confidential information from data encryption equipment 120,
sends an output command to RAM 111, and receives mode information from RAM 111. Judgment
equipment 121 sends terminal confidential information to RAM 113 for communication link keys, when mode
information is "a communication link." Judgment equipment 121 sends terminal confidential information to
data output equipment 101, when mode information is "writing."

[0043] Although the example shown here is equipment with two modes, communication link and writing, operation
as equipment which only communicates, or as equipment which performs only writing, is also possible.

[0044] Drawing 2 (a) shows the flow of initialization processing between the center and terminal in the second,
third, and fourth inventions of this application. Drawing 2 (b) shows the flow of processing at the time of
communication link initiation between the center and terminal in the same inventions. Drawing 8 shows the
configuration of one example of the second, third, and fourth inventions of this application. The example of the
second, third, and fourth inventions is explained below according to these drawings.

[0045] The center holds the confidential information Kcj (j = 1, 2, ..., n) which only a center has. In
initialization of a terminal, the center calculates, from IDi which is the ID of the terminal,

Sij = Encipher(Kcj, IDi) (j = 1, 2, ..., n)

(drawing 2, step S111). The center writes IDi and Sij (j = 1, 2, ..., n) in the terminal (drawing 2, step
S112). Here, a center does not need to be single equipment. Operation in which two or more centers hold the
same confidential information list Kcj (j = 1, 2, ..., n) is also possible.

[0046] At the time of initiation of cryptocommunication, first, in terminal 460, ID information supporting
structure 491 sends IDi to network interface 480. Network interface 480 receives IDi and sends it to center 400
through network 450 (drawing 2, step S121).

[0047] In center 400, network interface 430 receives IDi from terminal 460 through network 450 and sends it to
inverter 420. Identification number decision equipment 423 chooses one item from the confidential information
which the center confidential information supporting structure 421 holds (drawing 2, step S122). The
identification number of this confidential information is set to j. Identification number decision equipment 423
sends j to the center confidential information supporting structure 421 and network interface 430. The center
confidential information supporting structure 421 holds at least one item of center confidential information.
It receives identification number j from identification number decision equipment 423 and sends the confidential
information corresponding to j to inverter 420. Inverter 420 receives IDi from network interface 430 and the
center confidential information Kcj from the center confidential information supporting structure 421, and
calculates the terminal confidential information Sij according to

Sij = Encipher(Kcj, IDi)

(drawing 2, step S122). Inverter 420 stores Sij in the key supporting structure 422 for a communication link.
Network interface 430 receives the confidential information identification number j from identification number
decision equipment 423 and sends it to terminal 460 through network 450 (drawing 2, step S123). The
communication link within center 400 is performed through bus 410.

[0048] In terminal 460, network interface 480 receives identification number j from center 400 through network
450, and sends it to the terminal confidential information supporting structure 492. The terminal confidential
information supporting structure 492 receives identification number j from network interface 480 and stores the
confidential information Sij corresponding to j in the key supporting structure 493 for a communication link.
The communication link within terminal 460 is performed through bus 470.

[0049] By the above procedure, center 400 and terminal 460 can share confidential information Sij.
Henceforth, the center and terminal can perform secret communication (drawing 2, step S124). The center can
also perform terminal authentication using Sij.

[0050] If this example is applied to the example of an ATM card, it becomes possible to use different center
confidential information for every area; for example, the cash dispensers in the Hokkaido area have Kc1 and
those in the northeast area have Kc2. Even if some Kcj becomes known to a malicious user for some reason,
service in the areas which do not use that confidential information remains secure. The confidential
information can also be partitioned not by area but by bank, for example Kc1 for bank A, Kc2 for bank B, and so
on. Moreover, an example using confidential information which changes with the time of day is also conceivable.

[0051] In this example as well, a hash function can be used instead of a cipher function.
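
The multi-key procedure of paragraphs [0045] to [0051], as an added example that is not part of the patent text. HMAC-SHA256 is an assumed stand-in for the unnamed Encipher/hash function, the challenge-response check is an assumed way of using Sij for terminal authentication, and the class names, keys, and IDs are constructed for illustration.

```python
import hashlib
import hmac
import secrets

def derive(kc_j: bytes, terminal_id: bytes) -> bytes:
    # S_ij = Encipher(Kc_j, ID_i); HMAC-SHA256 is an assumed stand-in (keyed hash, per [0051]).
    return hmac.new(kc_j, terminal_id, hashlib.sha256).digest()

class Terminal:
    """Card/terminal: stores ID_i and the list {j: S_ij} written at initialization."""
    def __init__(self, terminal_id: bytes, secrets_by_j: dict):
        self.terminal_id = terminal_id
        self.secrets_by_j = secrets_by_j

    def respond(self, j: int, challenge: bytes) -> bytes:
        # Look up S_ij for the identification number j sent by the center.
        return hmac.new(self.secrets_by_j[j], challenge, hashlib.sha256).digest()

class Center:
    """Holds only center secrets Kc_j, never a per-terminal secret list."""
    def __init__(self, center_keys: dict):
        self.center_keys = center_keys

    def initialize(self, terminal_id: bytes) -> Terminal:
        # Steps S111-S112: derive S_ij for each held Kc_j and write them with ID_i.
        return Terminal(terminal_id,
                        {j: derive(k, terminal_id) for j, k in self.center_keys.items()})

    def authenticate(self, terminal: Terminal) -> bool:
        # Steps S121-S123: receive ID_i, choose j, recompute S_ij, send j.
        j = secrets.choice(sorted(self.center_keys))
        s_ij = derive(self.center_keys[j], terminal.terminal_id)
        # Assumed challenge-response; the page only says S_ij can authenticate.
        challenge = secrets.token_bytes(16)
        expected = hmac.new(s_ij, challenge, hashlib.sha256).digest()
        return hmac.compare_digest(terminal.respond(j, challenge), expected)

def demo() -> dict:
    kc1, kc2 = secrets.token_bytes(32), secrets.token_bytes(32)  # constructed keys
    issuer = Center({1: kc1, 2: kc2})   # card issue equipment holds the whole list
    area_a = Center({1: kc1})           # dispensers of one area hold Kc1 only
    area_b = Center({2: kc2})           # dispensers of another area hold Kc2 only
    card = issuer.initialize(b"ID-0001")
    # A card whose claimed ID does not match the secrets stored on it.
    altered = Terminal(b"ID-0002", card.secrets_by_j)
    # A card built with knowledge of Kc1 only: its j=2 entry cannot be correct.
    from_kc1_only = Terminal(b"ID-0003", {1: derive(kc1, b"ID-0003"),
                                          2: derive(kc1, b"ID-0003")})
    return {
        "genuine_at_a": area_a.authenticate(card),
        "genuine_at_b": area_b.authenticate(card),
        "altered_id_rejected": not area_b.authenticate(altered),
        "kc1_only_rejected_at_b": not area_b.authenticate(from_kc1_only),
    }

if __name__ == "__main__":
    print(demo())
```

Each center recomputes Sij from the ID it receives, so disclosure of one Kcj affects only the partition (area, bank, or time window) that uses that j.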

[0052] Drawing 4 is one example of the equipment of IC card initialization.

[0053] Data output equipment 101a receives Terminal ID from counter 110a for ID, and sends this to IC card
100a. Data output equipment 101a further receives, one by one from data-encryption-equipment 120a, the terminal
confidential information corresponding to each of the two or more items of center confidential information, and
sends it to IC card 100a.

[0054] Card detection equipment 103a sends a starting command to counter 110a for ID and to the counter 130
for confidential information discernment.

[0055] Counter 110a for ID holds the ID to be written next. Counter 110a for ID is started in response to an
output command from card detection equipment 103a, sends the numeric value it holds to data-encryption-equipment
120a and data output equipment 101a as Terminal ID, and adds 1 to the numeric value it holds.

[0056] Nonvolatile memory 112a holds the list of center confidential information. Nonvolatile memory 112a
receives a confidential information identification number from the counter 130 for confidential information
discernment, and sends the center confidential information corresponding to that identification number to
data-encryption-equipment 120a.

[0057] Data encryption equipment 120 receives Terminal ID from counter 110a and receives the items of center
confidential information one by one from nonvolatile memory 112, generates terminal confidential information by
enciphering Terminal ID with each item of center confidential information as the key, and sends the terminal
confidential information to data output equipment 101a one by one.

[0058] The counter 130 for confidential information discernment receives a starting command from card
detection equipment 103a, sequentially generates the identification numbers of the confidential
information stored in nonvolatile memory 112a, and sends each generated identification number to nonvolatile
memory 112a.

[0059] Drawing 5 is one example of applying this invention to an IC card reader.

[0060] Data output equipment 101b receives a data demand command from card detection equipment 103b and sends a
data demand command to IC card 100b. Data output equipment 101b receives a confidential information
identification number from identification number decision equipment 140, and sends this to IC card 100b.

[0061] Data entry unit 102b is started in response to the starting command from card detection equipment 103b,
receives Terminal ID from IC card 100b, and sends Terminal ID to data-encryption-equipment 120b.

[0062] Card detection equipment 103b detects insertion of IC card 100b, and sends a starting command to data
entry unit 102b, a data demand command to data output equipment 101b, and a starting command to identification
number decision equipment 140.

[0063] Nonvolatile memory 112b holds at least one item of center confidential information. Nonvolatile memory
112b receives a confidential information identification number from identification number decision equipment
140, and sends the center confidential information corresponding to that identification number to
data-encryption-equipment 120b.

[0064] RAM 113b for communication link keys receives the communication link key from data-encryption-equipment
120b and holds it. RAM 113b for communication link keys is made accessible from the equipment which performs
the communication link with an IC card and from the equipment which performs authentication of an IC card.

[0065] Data-encryption-equipment 120b receives Terminal ID from data entry unit 102b and center confidential
information from nonvolatile memory 112b, enciphers Terminal ID using the center confidential information as a
key, generates terminal confidential information, and sends terminal confidential information to RAM 113b for
communication link keys.

[0066] Identification number decision equipment 140 is started in response to the starting command from card
detection equipment 103b, chooses one of the items of center confidential information which nonvolatile memory
112b holds, and sends the identification number to nonvolatile memory 112b and data output equipment 101b.

[0067] Here, the decision of an identification number may be made by random numbers, or may be based on time
information. Moreover, operation in which nonvolatile memory 112b has only a single item of confidential
information is also possible; in this case identification number decision equipment 140 outputs the
identification number of the single item of confidential information which nonvolatile memory 112b has.

[0068] Although the example shown here carries out the communication link and writing as respectively
independent equipment, operation as one piece of equipment which has the modes of a communication link and
writing, like the example of drawing 3, is also possible.

[0069] Drawing 6 is an example which carries out this invention by using an IC card as a terminal.

[0070] An output unit 200 receives Terminal ID from the nonvolatile memory 210 for ID maintenance and sends it
to a card reader 220.

[0071] An input unit 201 receives Terminal ID and a terminal confidential information list from a card reader
220, writes Terminal ID in the nonvolatile memory 210 for ID maintenance, and writes the terminal confidential
information list in the nonvolatile memory 211 for confidential information maintenance.

[0072] The input unit 201 also receives a data demand command from the card reader 220 and sends an output
command to the nonvolatile memory 210 for ID maintenance. Further, the input unit 201 receives a terminal
confidential information identification number from the card reader 220, and sends this to the nonvolatile
memory 211 for confidential information maintenance.

[0073] The nonvolatile memory 210 for ID maintenance receives the terminal ID from the input unit 201 and holds
it. The nonvolatile memory 210 for ID maintenance also receives an output command from the input unit 201, and
sends Terminal ID to the output unit 200.

[0074] The nonvolatile memory 211 for confidential information maintenance receives and holds a terminal
confidential information list from the input unit 201. The nonvolatile memory 211 for confidential information
maintenance also receives a terminal confidential information identification number from the input unit 201,
and sends the corresponding terminal confidential information to RAM 212 for communication link keys.

[0075] RAM 212 for communication link keys receives the terminal confidential information from the nonvolatile
memory 211 for confidential information maintenance and holds it.

[0076] RAM 212 for communication link keys is made accessible from the equipment which performs the
communication link with a card reader.

[0077] Although the example described here was carried out for the ATM card of a bank, the invention can be
carried out in the same way for a prepaid card used for a wide range of applications, such as telephones and
means of transportation. Moreover, it can also be applied to the communication link between a non-contact IC
card, such as those used at a ski lift, and fee collection equipment.

[0078] Moreover, application to the communication link between a vehicle-mounted terminal and road-side
equipment for toll collection on a highway is also possible. In this case, besides realizing the mounted
terminal as a prepaid card, a method in which the user of the mounted terminal is registered and the toll is
collected later is also conceivable.

[0079]

[Effect of the Invention] By this invention, a center can perform secret communication with a terminal, and
terminal authentication, without having a list of the confidential information of each terminal. Moreover,
unlike ID-based key sharing, a high-speed secret key cryptosystem and a high-speed hash function can be used,
so large computational complexity is unnecessary.

* NOTICES *

JPO and NCIPI are not responsible for any
damages caused by the use of this translation.

1. This document has been translated by computer. So the translation may not reflect the original precisely.
2. **** shows the word which can not be translated.
3. In the drawings, any words are not translated.